Google coding typo effectively bricks Chrome OS devices
A hastily released update prevented users from logging into their machines
Google has fixed a serious bug in a Chrome OS stable channel update released earlier this week that locked Chromebook users out of their machines.
The verification error, present in version 91.1.4472.165, came as a result of a single character typo in a string of code in Chrome OS’s Cryptohome VaultKeyset, which is the portion of the operating system that holds user encryption keys.
The string in question was a conditional statement that included a single ampersand, ‘&’, instead of two ampersands, ‘&&’, which is the AND operator in C++. As a result, the conditional statement was broken and meant that Chrome OS was unable to check user passwords against those stored.
This meant, in practice, that all users who had updated to 91.1.4472.165 were met with error messages, even if they had entered the correct password to access their user account. For some users, their devices were even stuck in a boot loop that meant they couldn’t even reach the login screen.
Google rolled out the buggy update through its stable channel last weekend, which bypassed several of its testing channels including the ‘canary’, ‘dev’, and ‘beta’ channels.
DevOps: A view from the enterprise
What's driving DevOps, the impact of value stream management, and more
It was then almost immediately met with widespread complaints on social media platforms such as Reddit. There were several threads and hundreds of posts on the r/chromeos page from users reporting they were unable to access their machines properly, alongside messages warning others not to update to the latest version of Chrome OS.
Google’s engineering team quickly identified the bug and halted the rollout of the Chrome OS update on Tuesday, promising a new version the following day. In the meantime, the team recommended either factory resetting the device or rolling back the Chrome OS device to a previous version via USB. The firm released version 91.1.4472.167 the next day.
Get the ITPro. daily newsletter
Receive our latest news, industry updates, featured resources and more. Sign up today to receive our FREE report on AI cyber crime & security - newly updated for 2024.
This is the second major bug that’s slipped into the stable channel for Chrome OS updates this month. Another bug that slipped into a final release caused extremely high CPU usage spikes, according to Android Police.
Keumars Afifi-Sabet is a writer and editor that specialises in public sector, cyber security, and cloud computing. He first joined ITPro as a staff writer in April 2018 and eventually became its Features Editor. Although a regular contributor to other tech sites in the past, these days you will find Keumars on LiveScience, where he runs its Technology section.